Today at 3:26pm, Mathias Meisfjordskar wrote:
> > > openssl req -new -x509 -nodes -out server.pem -keyout server.pem
> > > -days 365
> >
> > Aha! You generated a self-signed certificate. That doesn't work with
> > OpenLDAP 2.1! You have to have a real certificate (something
> > certified by a CA).
>
> Uhm... No, self-signed certificates should be just fine:
The process you describe is not the same as what was done by the person
I replied to. You have created your own CA and then used it to sign a
request. He/She created a certificate and used it without having it
signed by a CA. See the difference?
--
Frank Swasey | http://www.uvm.edu/~fcs
Systems Programmer | Always remember: You are UNIQUE,
University of Vermont | just like everyone else.
=== God Bless Us All ===